the failed compiling on MINGW/proxspace warns over a overflow in buffer[5], the return value in utf8_check_first() can be 0 - 4, which used later in loop as index with 1 as start offset. a 4 will overflow the buffer[5]. Increased buffer with to just in case to support the zero terminator. Another option where this code will bail out is, 0 is goto out, 1 will trigger the assert and break client. A bit ruff I say.

2025-08-14 18:48:13 -07:00 · 2024-05-12 19:14:17 +02:00 · 2024-05-12 19:14:17 +02:00 · c50f109f05
commit c50f109f05
parent d714902fc0
2 changed files with 7 additions and 2 deletions
--- a/client/deps/jansson/load.c
+++ b/client/deps/jansson/load.c
@ -54,7 +54,7 @@ typedef int (*get_func)(void *data);
 typedef struct {
    get_func get;
    void *data;
-    char buffer[5];
+    char buffer[7];
    size_t buffer_pos;
    int state;
    int line;
@ -179,11 +179,15 @@ static int stream_get(stream_t *stream, json_error_t *error) {
            size_t i, count;

            count = utf8_check_first(c);
-            if (!count)
+            if (count == 0) {
                goto out;
+            }
+
+            // whatif count == 1 ?!?

            assert(count >= 2);

+            // if count == 4 ,   i will become 5 and overflow.
            for (i = 1; i < count; i++)
                stream->buffer[i] = stream->get(stream->data);